Home / My courses / IBM Business Partners / Sales Foundations Exams / IBM Security Guardium Sales Fundamentals Learning Plan

/ IBM Security Guardium Sales Fundamentals Learning Plan - Technology enablement quizzes / IBM Security Guardium Data Encryption Sales Level 2 quiz - 45 minutes
/ IBM Security Guardium Data Encryption Sales Level 2 quiz

Started on Thursday, May 19, 2022, 4:54 PM

State Finished
Completed on Thursday, May 19, 2022, 5:11 PM
Time taken 16 mins 17 secs
Grade 23.00 out of 25.00 (92%)
Feedback Congratulations, you have passed the Guardium Data Encryption Sales Fundamentals Level 2 quiz!

Question 1 You have a prospect who has over �ve cloud vendor environments that they need to secure and each cloud vendor has
Correct a different encryption key system. You are con�dent you can win the business by informing them that Guardium for
1.00 points out Cloud Key Management can address their encryption logistic nightmare. Which answer best articulates this position?
of 1.00

a. Guardium for Cloud Key Management is more sophisticated than a native key management solutions.
b. Guardium for Cloud Key Management can delete keys from any cloud service provider, thus rendering the data
encrypted under those keys useless.
c. Guardium for Cloud Key Management provides 3rd party data at rest encryption to databases stored in cloud
service providers.
d. Guardium for Cloud Key Management helps orchestrate the native key management systems of cloud 
service providers like AWS, Azure, IBM Cloud and Google Cloud.

The correct answer is: Guardium for Cloud Key Management helps orchestrate the native key management systems of
cloud service providers like AWS, Azure, IBM Cloud and Google Cloud.
Question 2 Which component of Guardium Data Encryption is the central tool for managing keys, security policy and auditing for
Correct the entire platform?
1.00 points out
of 1.00 a. Enterprise Data Encryption Key Management
b. Guardium for File and Database Encryption
c. Guardium for Cloud Key Management
d. CipherTrust Manager 

The correct answer is: CipherTrust Manager

Question 3 Guardium for File and Database Encryption allows you to select different levels of user access policy. If a PRIVILEGED
Correct user attempts to access encrypted data, what will the response be from the server?
1.00 points out
of 1.00 a. Access will be denied
b. Encrypted text/data 
c. Clear text/data
d. Tokenized text/data

The correct answer is: Encrypted text/data

Question 4 Guardium for File and Database Encryption allows you to set access policies by a number of criteria. Which one of the
Correct following is not a criteria?
1.00 points out
of 1.00 a. Operating system: OS of the database where data is stored 
b. User: user or group executing the process
c. Action: the IO type, such as read, write, delete, create �le, etc.
d. File name being accessed, Example: *.pdf; a1*.log

The correct answer is: Operating system: OS of the database where data is stored

Question 5 You are meeting with a prospective customer and they ask about competitors of IBMs Guardium for Cloud Key
Correct Management offering. You address all but one of the following. Which did you exclude, as they are not considered a
1.00 points out "primary competitor"?
of 1.00

a. Thales
b. Microsoft
c. Amazon
d. MongoDB 

The correct answer is: MongoDB

Question 6 You found out that one of your Guardium Data Encryption customers has a mandate to move sensitive data to cloud
Correct service providers (CSPs). Which of the following is the best topic to start a conversation to position Guardium Cloud Key
1.00 points out Manager?
of 1.00

a. Having your cloud service providers (CSP) do key management

b. Choosing only one cloud service provider (CSP)
c. Bring your own key (BYOK) 
d. Proprietary encyption

The correct answer is: Bring your own key (BYOK)

Question 7 Which of these is not an advantage that Guardium for Cloud Key Management (GCKM) has versus native key
Correct management?
1.00 points out
of 1.00 a. Allows you to manage encryption keys for on-premise self-encrypting storage 
b. Allows you to manage a key's entire lifecycle outside of public cloud
c. Allows you to use your own key material and escrow it in your architecture
d. Allows you to Own the original copy of key material in your data center and restore it back to the cloud as
needed

The correct answer is: Allows you to manage encryption keys for on-premise self-encrypting storage
Question 8 Which is NOT a member of the CipherTrust Manager suite?
Correct

1.00 points out a. Guardium Vulnerability Assessment 

of 1.00
b. Guardium File and Database Encryption
c. Guardium Cloud Key Manager
d. Guardium Application Encryption

The correct answer is: Guardium Vulnerability Assessment

Question 9 Guardium for Cloud Key Management (GCKM) orchestrates the keys across multiple clouds from a centralized platform.
Correct Which of the following use case describes this capability?
1.00 points out
of 1.00 a. GCKM is just what we call the CipherTrust Manager when it's deployed in the cloud.
b. GCKM helps to discover data encryption keys stored in cloud service providers, like AWS, Azure, IBM Cloud
and Google Cloud.
c. GCKM allows you to Bring Your Own Key (BYOK) or Keep Your Own Key (KYOK) to cloud service providers 
d. GCKM is an add on-part to Guardium for Enterprise Data Encryption Key Management that extends all its
capabilities to the cloud.

The correct answer is: GCKM allows you to Bring Your Own Key (BYOK) or Keep Your Own Key (KYOK) to cloud service
providers
Question 10 During a deployment discussion with the client's database team, you mention that agents will be placed on whatever
Correct servers contain data that needs to be encrypted. The IT manager interrupts you and asks you to explain what agents
1.00 points out do. You respond by saying that, "Agents are..
of 1.00

a. Additional personnel needed to monitor log events on the database servers.

b. Lightweight pieces of software installed on Windows, Linux or AIX servers that enforce policy, collect logs, 
and request and implement keys.
c. A list of folders and �les for the registered host, maintained on the CipherTrust Manager
d. A set of rules, stored on the CipherTrust Manager, that de�ne how a GuardPoint should be accessed.

The correct answer is: Lightweight pieces of software installed on Windows, Linux or AIX servers that enforce policy,
collect logs, and request and implement keys.

Question 11 You're conducting a data security brie�ng and you highlight the �ve data security fundamentals. The clients wants to
Correct know more about encryption and you do a deeper dive into which security fundamental?
1.00 points out
of 1.00 a. Discover
b. Protect 
c. Respond
d. Analyze

The correct answer is: Protect

Question 12 What is the purpose of multi-domain key management and separation of duties. on the CipherTrust Manager?
Correct

1.00 points out a. The CipherTrust Manager does not actually provide multi-domain key management or separation of duties.
of 1.00
b. It is required to meet compliance for all privacy regulations
c. It can be used to separate administrators, the data they can access, from other administrators 
d. It makes it easier to determine where there has been a data breach

The correct answer is: It can be used to separate administrators, the data they can access, from other administrators

Question 13 Congratulations! You �nally got a meeting with the CISO and it's time to start preparing. Which of these topics do you
Correct think will be the most relevant for the meeting?
1.00 points out
of 1.00 a. Monetize corporate data
b. Ensure that AI and Big Data is ethically used
c. Ensure data compliance wherever the data resides 
d. Determine cost effectiveness of cloud service providers

The correct answer is: Ensure data compliance wherever the data resides
Question 14 You have an existing Guardium customer who needs to desensitize personal information so they can share it with
Correct developers who are building a new application. While the data must be made unreadable from the original form, they
1.00 points out need to preserve the count and referential integrity of the alphanumeric. Which of these encryption approaches do they
of 1.00 need?

a. Encryption
b. Redacting
c. Tokenization
d. Masking 

The correct answer is: Masking

Question 15 A prospect is leaning toward a native encryption solution versus buying another security offering. You mention all of the
Correct following functional bene�ts of Guardium Data Encryption except for which of the following?
1.00 points out
of 1.00 a. Guardium Data Encryption is priced competitively with native encryption. 
b. Guardium Data Encryption allows customers to set granular �le access controls.
c. Guardium Data Encryption provides a single policy and management console to monitor and manage data
protection across 1000s of servers.
d. Guardium Data Encryption provides consistent policy enforcement, separation of duties, logging, and auditing
across database platforms.

The correct answer is: Guardium Data Encryption is priced competitively with native encryption.
Question 16 All of the following are use cases for Guardium for File & Database Encryption except for which one choice?
Correct

1.00 points out a. Live Data Transformation

of 1.00
b. Encrypt Data-at-rest
c. Protect Data-in-transit 
d. Access Controls

The correct answer is: Protect Data-in-transit

Question 17 What was the former name of the CipherTrust Manager in GDE version 4 and earlier?
Correct

1.00 points out a. Data Encryption Manager (DEM)

of 1.00
b. Vormetric Encryption Manager (VEM)
c. Data Security Manager (DSM) 
d. It's always been called the CipherTrust Manager (CM)

The correct answer is: Data Security Manager (DSM)

Question 18 When a system is infected with ransomware, which one of the �les is a hacker most likely to ex�ltrate?
Correct

1.00 points out a. operating system �les

of 1.00
b. audit log �les
c. monitoring log �les
d. Customer billing data 

The correct answer is: Customer billing data

Question 19 Guardium for File and Database Encryption provides what kind of encryption to prevent against ransomware attacks?
Correct

1.00 points out a. Data in transit encryption

of 1.00
b. Data at rest encryption 
c. Data in use encryption
d. Data masking

The correct answer is: Data at rest encryption

Question 20 A pharmaceutical company is conducting clinical trials on a new drug and is leveraging several cloud service providers
Correct for their data encryption and key management services. Consequently, they are struggling to keep up with the key
1.00 points out management services of multiple cloud service providers and need a solution that will orchestrate and manage
of 1.00 multiple keys across the cloud from a single dashboard. Which solution would you recommend they purchase?

a. Guardium for File and Database Encryption

b. Guardium for Cloud Key Management 
c. CipherTrust Manager
d. Guardium Insights

The correct answer is: Guardium for Cloud Key Management

Question 21 You have made it through the preliminary rounds of your prospect's evaluation process of Guardium File & Database
Correct Encryption. Now they want you to be prepared to talk about how you compare to the competition. Which of these
1.00 points out offerings is your prospect most likely NOT going to ask you about?
of 1.00

a. Oracle native encryption

b. Amazon Web Services 
c. Linux native encryption
d. Thales

The correct answer is: Amazon Web Services

Question 22 A prospect asks you how encryption helps with ransomware attacks. You can say that, on average, data breaches at
Correct organizations with extensive use of encryption cost how much less than the average breach?
1.00 points out
of 1.00 a. $273 K (USD) 
b. $2.730 K (USD)
c. The cost of the encryption software
d. $273 M (USD)

The correct answer is: $273 K (USD)

Question 23 You have an existing Guardium Data Encryption customer that is questioning how encryption will help with new types
Correct of attacks. In the simplest terms, how would you explain to them what encryption does to combat ransomware
1.00 points out attacks?
of 1.00

a. It tracks the attacker's movement in the system

b. It prevents the attacker from breaching the network
c. It gives the attacker fake data
d. It makes the target data unreadable to the attackers 

The correct answer is: It makes the target data unreadable to the attackers
Question 24 You're pitching Guardium for File and Database Encryption to new prospect who recently moved their data to Amazon
Incorrect Web Services. They abruptly interrupt your pitch and ask you, "Why would I need to use IBM's encryption solution if we
0.00 points out are storing everything in the cloud and protecting it with object storage". Your response to them would be which of the
of 1.00 following?

a. Our new pricing model makes File and Database Encryption an attractive backup option for your data 
environment.
b. You have data resident on local storage drives of the Windows, Linux, AIX servers processing the data in the
cloud.
c. While AWS may have encryption at the cloud layer, they do not offer a full suite of data security offerings like
IBM.
d. Ransomware is an aggressive malware attack that requires multiple layers of encryption.

The correct answer is: You have data resident on local storage drives of the Windows, Linux, AIX servers processing the
data in the cloud.

Question 25 You have identi�ed a company that has been a target of both compliance audit failures and is in the same industry
Incorrect where ransomware attacks are on the rise. In your research you have found a list of contacts at the company to reach
0.00 points out out to. Which of these job titles would you spend the LEAST amount of time trying to contact for data security?
of 1.00

a. VP Application Development
b. Security/IT Architect
c. Chief Data Of�cer
d. Chief Information Security Of�cer 

The correct answer is: VP Application Development

 ◄ IBM Security Guardium Insights
Sales Fundamentals Level 2 section 2 - Jump to...
Quiz